A security update for Camel for Spring Boot 3.18.3.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
spring-boot: Security Bypass With Wildcard Pattern Matching on Cloud Foundry (CVE-2023-20873)
jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode (CVE-2021-46877)
bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
snappy-java: Unchecked chunk length leads to DoS (CVE-2023-34455)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.